Visualize L4 metrics

Description

I've had folks ask multiple times recently to try to help understand and visualize communications which ExtraHop doesn't parse out of the box. To that end, I put together a device level page which charts some of those key metrics at the transport:port level.

Say for example that you want to visualize tcp:23 (telnet) communications over time. The bundle (page) json attached provides that ability, charting:

Installation Instructions

First in the attached json bundle file, globally replace tcp:23 with the L7 spec of your choice (transport:port, L7 protocol spec, or custom protocol name map of your choice.)Second in the attached json bundle file, globally replace Telnet with the Name of the communication - your choice as well.happy visualizing...

Pro Tip (even for me) from Professor Green:

To install a bundle (json file) like the one referenced here, download the file to your local PC, then use the ExtraHop interface to upload, apply,and assign the bundle.In ExtraHop

Navigate to Settings => Bundles

Click the Upload button

Browse to and select the JSON file you just downloadedUpload the file

before you close the dialog, Click Apply to restore the Bundle components to your ExtraHop.

Assign the page to any devices for which you would like this visualization using the green + button on the device's metadata page or add it to a group or list of devices using the Action dropdown in most any device list page:

Community discussion about this bundle

ExtraHop uses cookies to improve your online experience. By using this website, you consent to the use of cookies. Learn More